ГлавнаяУязвимости → CVE-2025-52543
7.5высокая

CVE-2025-52543

Описание

E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash.

Затрагиваемое ПО
Copeland E3 supervisory controller firmwareCopeland Site supervisor bx 860-1240Copeland Site supervisor bxe 860-1245Copeland Site supervisor cx 860-1260Copeland Site supervisor cxe 860-1265Copeland Site supervisor rx 860-1220Copeland Site supervisor rxe 860-1225Copeland Site supervisor sf 860-1200
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://www.armis.com/research/frostbyte10/